Here is the output of the requested commands. The -Z shows the selinux contexts...
> [r...@localhost fw]# pwd > /BackupData/pc/fw > [r...@localhost fw]# getenforce > Enforcing > [r...@localhost fw]# ls -la -Z > drwxr-x--- backuppc backuppc root:object_r:var_lib_t . > drwxr-x--- backuppc root system_u:object_r:var_lib_t .. > drwxr-x--- backuppc backuppc root:object_r:var_lib_t 0 > drwxr-x--- backuppc backuppc root:object_r:var_lib_t 1 > -rw-r----- backuppc backuppc root:object_r:var_lib_t backups > -rw-r----- backuppc backuppc root:object_r:var_lib_t backups.old > -rw-r----- backuppc backuppc root:object_r:var_lib_t LOCK > -rw-r----- backuppc backuppc root:object_r:var_lib_t LOG.062009 > -rw-r----- backuppc backuppc root:object_r:var_lib_t XferLOG.0.z > -rw-r----- backuppc backuppc root:object_r:var_lib_t XferLOG.1.z > [r...@localhost fw]# > -- > If it turns out to be a selinux issue (which by now it does appear to be), I'd rather not disable selinux, but rather debug the context issues... I just found some selinux errors in /var/log/messages: Jun 24 14:46:21 localhost setroubleshoot: SELinux is preventing access to > files with the label, file_t. For complete SELinux messages. run sealert -l > 0de6d349-55f3-4ae2-aa9b-cfa3228e9c32 > Here is the output of the sealert command: sealert -l 0de6d349-55f3-4ae2-aa9b-cfa3228e9c32 > > Summary: > > SELinux is preventing access to files with the label, file_t. > > Detailed Description: > > SELinux permission checks on files labeled file_t are being denied. file_t > is > the context the SELinux kernel gives to files that do not have a label. > This > indicates a serious labeling problem. No files on an SELinux box should > ever be > labeled file_t. If you have just added a new disk drive to the system you > can > relabel it using the restorecon command. Otherwise you should relabel the > entire > files system. > > Allowing Access: > > You can execute the following command as root to relabel your computer > system: > "touch /.autorelabel; reboot" > > Additional Information: > > Source Context root:system_r:httpd_t > Target Context system_u:object_r:file_t > Target Objects / [ dir ] > Source perl5.8.8 > Source Path /usr/bin/perl5.8.8 > Port <Unknown> > Host dumbo > Source RPM Packages perl-5.8.8-18.el5_3.1 > Target RPM Packages filesystem-2.4.0-2.el5.centos > Policy RPM selinux-policy-2.4.6-203.el5 > Selinux Enabled True > Policy Type targeted > MLS Enabled True > Enforcing Mode Enforcing > Plugin Name file > Host Name localhost > Platform Linux localhost 2.6.18-128.1.14.el5 #1 SMP > Wed Jun 17 > 06:40:54 EDT 2009 i686 i686 > Alert Count 579 > First Seen Sun Jun 21 19:35:32 2009 > Last Seen Wed Jun 24 16:31:07 2009 > Local ID 0de6d349-55f3-4ae2-aa9b-cfa3228e9c32 > Line Numbers > > Raw Audit Messages > > host=localhost type=AVC msg=audit(1245886267.914:1245): avc: denied { > search } for pid=1898 comm="perl5.8.8" name="/" dev=dm-4 ino=2 > scontext=root:system_r:httpd_t:s0 tcontext=system_u:object_r:file_t:s0 > tclass=dir > > host=localhost type=SYSCALL msg=audit(1245886267.914:1245): arch=40000003 > syscall=195 success=no exit=-13 a0=8bd37f8 a1=8a6d0c8 a2=aa4ff4 a3=8bd37f8 > items=0 ppid=23678 pid=1898 auid=0 uid=101 gid=48 euid=101 suid=101 > fsuid=101 egid=48 sgid=48 fsgid=48 tty=(none) ses=28 comm="perl5.8.8" > exe="/usr/bin/perl5.8.8" subj=root:system_r:httpd_t:s0 key=(null) > It sounds like this might be helpful for me: > You can execute the following command as root to relabel your computer > system: > "touch /.autorelabel; reboot" > I guess I'll give it a shot and see what happens... Does anyone want to weigh in on whether I should try "touch /.autorelabel; touch /BackupData/.autorelabel; reboot" since the file system in question is mounted to /BackupData, not '/' ? [r...@localhost fw]# mount > ... > /dev/mapper/VolGroup01-LogVol03 on /BackupData type ext3 (rw) > >
------------------------------------------------------------------------------
_______________________________________________ BackupPC-users mailing list BackupPC-users@lists.sourceforge.net List: https://lists.sourceforge.net/lists/listinfo/backuppc-users Wiki: http://backuppc.wiki.sourceforge.net Project: http://backuppc.sourceforge.net/